English
Related papers

Related papers: ObliInjection: Order-Oblivious Prompt Injection At…

200 papers

LLM-based agents are increasingly deployed for complex tasks requiring planning, tool use, and interaction with external services. Their reliance on untrusted external content exposes them to indirect prompt injection (IPI), in which…

Machine Learning · Computer Science 2026-05-26 Zixuan Chen , Jiaxiang Chen , Li Luo , Ke Xu , Xiaoxiang Huang , Tanfeng Sun , Xinghao Jiang

As Large Language Model (LLM) agents become more capable, their coordinated use in the form of multi-agent systems is anticipated to emerge as a practical paradigm. Prior work has examined the safety and misuse risks associated with agents.…

Artificial Intelligence · Computer Science 2026-02-26 Akshat Naik , Jay Culligan , Yarin Gal , Philip Torr , Rahaf Aljundi , Alasdair Paren , Adel Bibi

With the development of technology, large language models (LLMs) have dominated the downstream natural language processing (NLP) tasks. However, because of the LLMs' instruction-following abilities and inability to distinguish the…

Cryptography and Security · Computer Science 2025-10-07 Yulin Chen , Haoran Li , Yuan Sui , Yangqiu Song , Bryan Hooi

This paper studies physical consequences of unobservable false data injection (FDI) attacks designed only with information inside a sub-network of the power system. The goal of this attack is to overload a chosen target line without being…

Systems and Control · Computer Science 2018-05-03 Jiazi Zhang , Zhigang Chu , Lalitha Sankar , Oliver Kosut

Vision-language artificial intelligence models (VLMs) possess medical knowledge and can be employed in healthcare in numerous ways, including as image interpreters, virtual scribes, and general decision support systems. However, here, we…

Cryptography and Security · Computer Science 2025-03-20 Jan Clusmann , Dyke Ferber , Isabella C. Wiest , Carolin V. Schneider , Titus J. Brinker , Sebastian Foersch , Daniel Truhn , Jakob N. Kather

Although multimodal large language models (MLLMs) are increasingly deployed in real-world applications, their instruction-following behavior leaves them vulnerable to prompt injection attacks. Existing prompt injection methods predominantly…

Computer Vision and Pattern Recognition · Computer Science 2026-04-01 Meiwen Ding , Song Xia , Chenqi Kong , Xudong Jiang

Prompt injection constitutes a significant challenge for generative AI systems by inducing unintended outputs. We introduce a multi-agent NLP framework specifically designed to address prompt injection vulnerabilities through layered…

Artificial Intelligence · Computer Science 2025-03-17 Diego Gosmar , Deborah A. Dahl , Dario Gosmar

Prompt injection attacks represent a major vulnerability in Large Language Model (LLM) deployments, where malicious instructions embedded in user inputs can override system prompts and induce unintended behaviors. This paper presents a…

Cryptography and Security · Computer Science 2025-12-18 S M Asif Hossain , Ruksat Khan Shayoni , Mohd Ruhul Ameen , Akif Islam , M. F. Mridha , Jungpil Shin

Current research in adversarial robustness of LLMs focuses on discrete input manipulations in the natural language space, which can be directly transferred to closed-source models. However, this approach neglects the steady progression of…

Machine Learning · Computer Science 2025-04-17 Leo Schwinn , David Dobre , Sophie Xhonneux , Gauthier Gidel , Stephan Gunnemann

LLM-integrated applications and agents are vulnerable to prompt injection attacks, where an attacker injects prompts into their inputs to induce attacker-desired outputs. A detection method aims to determine whether a given input is…

Cryptography and Security · Computer Science 2025-11-13 Yupei Liu , Yuqi Jia , Jinyuan Jia , Dawn Song , Neil Zhenqiang Gong

Prompt injection attacks can compromise the security and stability of critical systems, from infrastructure to large web applications. This work curates and augments a prompt injection dataset based on the HackAPrompt Playground Submissions…

Cryptography and Security · Computer Science 2025-12-16 Safwan Shaheer , G. M. Refatul Islam , Mohammad Rafid Hamid , Md. Abrar Faiaz Khan , Md. Omar Faruk , Yaseen Nur

Multi-modal large language model (MLLM)-based web agents interact with webpage environments by generating actions based on screenshots of the webpages. In this work, we propose WebInject, a prompt injection attack that manipulates the…

Machine Learning · Computer Science 2025-10-20 Xilong Wang , John Bloch , Zedian Shao , Yuepeng Hu , Shuyan Zhou , Neil Zhenqiang Gong

Recent studies demonstrate that Large Language Models (LLMs) are vulnerable to different prompt-based attacks, generating harmful content or sensitive information. Both closed-source and open-source LLMs are underinvestigated for these…

Cryptography and Security · Computer Science 2025-05-21 Jiawen Wang , Pritha Gupta , Ivan Habernal , Eyke Hüllermeier

The inference process of modern large language models (LLMs) demands prohibitive computational resources, rendering them infeasible for deployment on consumer-grade devices. To address this limitation, recent studies propose distributed LLM…

Cryptography and Security · Computer Science 2025-05-26 Xinjian Luo , Ting Yu , Xiaokui Xiao

Large Language Models (LLMs) are widely deployed in applications that accept user-submitted content, such as uploaded documents or pasted text, for tasks like summarization and question answering. In this paper, we identify a new class of…

Cryptography and Security · Computer Science 2025-08-28 Zhuotao Lian , Weiyu Wang , Qingkui Zeng , Toru Nakanishi , Teruaki Kitasuka , Chunhua Su

Indirect prompt injection threatens LLM agents by embedding malicious instructions in external content, enabling unauthorized actions and data theft. LLM agents maintain working memory through their context window, which stores interaction…

Cryptography and Security · Computer Science 2026-02-10 Ruoyao Wen , Hao Li , Chaowei Xiao , Ning Zhang

LLM agents are highly vulnerable to Indirect Prompt Injection (IPI), where adversaries embed malicious directives in untrusted tool outputs to hijack execution. Most existing defenses treat IPI as an input-level semantic discrimination…

Cryptography and Security · Computer Science 2026-03-12 Yu He , Haozhe Zhu , Yiming Li , Shuo Shao , Hongwei Yao , Zhihao Liu , Zhan Qin

When large language model (LLM) systems interact with external data to perform complex tasks, a new attack, namely prompt injection, becomes a significant threat. By injecting instructions into the data accessed by the system, the attacker…

Cryptography and Security · Computer Science 2025-08-26 Sizhe Chen , Yizhu Wang , Nicholas Carlini , Chawin Sitawarin , David Wagner

Despite their potential, recent research has demonstrated that LLM agents are vulnerable to prompt injection attacks, where malicious prompts are injected into the agent's input, causing it to perform an attacker-specified task rather than…

Large Language Models (LLMs) are increasingly integrated into real-world applications, from virtual assistants to autonomous agents. However, their flexibility also introduces new attack vectors-particularly Prompt Injection (PI), where…

Cryptography and Security · Computer Science 2025-09-17 Mengxiao Wang , Yuxuan Zhang , Guofei Gu